YourSelfHosted/memos
1
0
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-06-05 22:09:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: access token will expired after 24h (#1988)

Browse Source
This commit is contained in:
Jianwei Zhang
2023-07-19 08:45:30 +08:00
committed by GitHub
parent 83b771d5cd
commit 8bcc2bd715
1 changed files with 4 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
api/v1/jwt.go
View File

@ -112,14 +112,6 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"]) return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"])
}) })
if !accessToken.Valid {
auth.RemoveTokensAndCookies(c)
return echo.NewHTTPError(http.StatusUnauthorized, "Invalid access token.")
}
if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
}
generateToken := time.Until(claims.ExpiresAt.Time) < auth.RefreshThresholdDuration generateToken := time.Until(claims.ExpiresAt.Time) < auth.RefreshThresholdDuration
if err != nil { if err != nil {
var ve *jwt.ValidationError var ve *jwt.ValidationError
@ -135,6 +127,10 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
} }
} }
if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
}
// We either have a valid access token or we will attempt to generate new access token and refresh token // We either have a valid access token or we will attempt to generate new access token and refresh token
ctx := c.Request().Context() ctx := c.Request().Context()
userID, err := strconv.Atoi(claims.Subject) userID, err := strconv.Atoi(claims.Subject)